Sample code for 30+ languages & platforms
Delphi DLL

Use a Custom Set of Trusted Root Certificates

See more Certificates Examples

Demonstrates how to build a set of trusted root certificates to be used globally by all Chilkat classes.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, TrustedRoots, ZipEntry, Cert, Zip;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
trustedRoots: HCkTrustedRoots;
zip: HCkZip;
entry: HCkZipEntry;
pemStr: PWideChar;
cert: HCkCert;
pattern: PWideChar;
bHasMoreEntries: Boolean;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

trustedRoots := CkTrustedRoots_Create();

//  Indicate that we will NOT trust any pre-installed certificates on the system.
CkTrustedRoots_putTrustSystemCaRoots(trustedRoots,False);

// Thawte is a certificate authority that provides a .zip download of their
// root CA certificates:  https://www.thawte.com/roots/index.html
// The direct download link is: https://www.verisign.com/support/thawte-roots.zip
// Note: The above URLs are valid at the time of writing this example (29-May-2015).

// Assuming the .zip has already been downloaded, open it and load each .pem file into
// our trusted roots object.
zip := CkZip_Create();

// Open a .zip containing PEM files, among other things..
success := CkZip_OpenZip(zip,'qa_data/certs/thawte-roots.zip');
if (success = False) then
  begin
    Memo1.Lines.Add(CkZip__lastErrorText(zip));
    Exit;
  end;

entry := CkZipEntry_Create();

cert := CkCert_Create();

pattern := '*.pem';
bHasMoreEntries := CkZip_EntryMatching(zip,pattern,entry);
while bHasMoreEntries = True do
  begin

    Memo1.Lines.Add('Entry: ' + CkZipEntry__fileName(entry));

    // Get the PEM of the CA cert:
    pemStr := CkZipEntry__unzipToString(entry,0,'utf-8');

    // Load it into a certificate object:
    success := CkCert_LoadPem(cert,pemStr);
    if (success <> True) then
      begin
        Memo1.Lines.Add(CkCert__lastErrorText(cert));
      end;

    // Add it to the trusted roots.
    CkTrustedRoots_AddCert(trustedRoots,cert);

    bHasMoreEntries := CkZipEntry_GetNextMatch(entry,pattern);
  end;

//  Activate the trusted roots globally for all Chilkat objects.
//  This call really shouldn't fail, so we're not checking the return value.
success := CkTrustedRoots_Activate(trustedRoots);

CkTrustedRoots_Dispose(trustedRoots);
CkZip_Dispose(zip);
CkZipEntry_Dispose(entry);
CkCert_Dispose(cert);

end;